Preparing Kubernetes (K8s) cluster

Prepare your Kubernetes (K8s) cluster for deployment.

About this task

Follow the steps in the table to prepare your cluster.

Item	Details
Provision the virtual machines.	See Deployment considerations.
Review the system requirements.	See Kubernetes Cluster Hardware Recommendations.
Open the needed ports.	See the Table.
Install the Docker container on Master node and Worker nodes.	For more information about installing Docker, see the Docker Documentation.
Install `kubeadm`,`kubelet`, and `kubectl`.	For more information about the installation, see Installing kubeadm, kubelet and kubectl.
Set up Kubernetes Control Plane on the Master node.	See Overview of kubeadm. Take note of the output for the `JOIN` command for worker nodes.
Install a Pod network add-on so that your Pods can communicate with each other. Calico is used here. Calico is a networking and network policy provider. Calico supports a flexible set of networking options so you can choose the most efficient option for your situation, including nonoverlay and overlay networks, with or without BGP. Install a Pod network add-on with the following command on the control-plane node or a node that has the kubeconfig credentials: `kubectl apply -f <add-on.yaml>` Note: You can install only one Pod network per cluster.	Deploy Calico with the following command: `kubectl apply -f https://docs.projectcalico.org/v3.11/manifests/calico.yaml`
Join all the nodes to your cluster. The nodes are where your workloads that have the containers and Pods run.	To add new nodes to your cluster, do the following tasks on each worker node: Run the command so on that is the output of `kubeadm init` command. Note: When you run this command from the control plane or master node, make sure that the token is not expired. For example, `kubeadm join --token <token> <control-plane-host>:<control-plane-port> --discovery-token-ca-cert-hash sha256:<hash>` Verify that the node is now a part of the cluster with the following command: Note: Run these commands master node only. `kubectl get nodes kubectl describe node <node_name>` Verify that the cluster is working correctly with the following commands: Note: Run these commands in master node only. Check versioning with the following commands: `kubeadm version kubelet --version kubectl version` Check cluster information with the following command: `kubectl cluster-info` Check component status with the following command: `kubectl get cs` Check Nodes status with the following command: `kubectl get nodes` Check Pods status with the following command: `kubectl get pods --all-namespaces -o wide`
Deploy Kubernetes Dashboard.	For more information, see Deploying the Dashboard UI.
Access the Dashboard externally.	Edit the dashboard service and change service type from ClusterIP to NodePort. Run the following command: `kubectl -n kubernetes-dashboard edit service kubernetes-dashboard` Get the mapped port for Dashboard Service port with the following command: `kubectl -n kubernetes-dashboard get services` Use the NodePort, which is the external port for `kubernetes-dashboard` to log in to the Dashboard as follows: https://`<master_node_IP>`:`<externalPort>` For more information, see Accessing Dashboard 1.7.x and above.
Optional: Edit the port number for Kubernetes Dashboard if it clashes with any of the service ports in Telco Network Cloud Manager - Performance.	Run the following commands to update the port number: `kubectl -n kubernetes-dashboard edit service kubernetes-dashboard` Update the `nodePort` to 31000. Note: Recommend updating to 31000 for easy remembrance and consistency.

Ports to be opened on Kubernetes cluster.

Component	Default ports	Protocol	Node
Kubernetes API Server	6443	TCP	Master
`etcd` Server client API	2379-2380	TCP	Master
Kubelet API	10250	TCP	Master
`kube-scheduler`	10251	TCP	Master
`kube-controller-manager`	10252	TCP	Master
Read-Only Kubelet API	10255	TCP	Master
Kubelet API	10250	TCP	Worker
Read-Only Kubelet API	10255	TCP	Worker
NodePort Services	30000-32767	TCP	Worker